diff --git a/cms-ver.php b/cms-ver.php index 02d261a..53adb77 100644 --- a/cms-ver.php +++ b/cms-ver.php @@ -135,6 +135,9 @@ $versions = array( array("ZenPhoto", "/zp-core/functions.php", "define('ZENPHOTO_VERSION',"), array("ZenPhoto", "/zp-core/version.php","define('ZENPHOTO_VERSION',"), array("Eventum Issue Tracker", "/init.php", "define('APP_VERSION',"), + array("PHPDevShell", "/includes/PHPDS.inc.php", "define('phpdevshell_version', 'PHPDevShell V"), + array("phpAds", "/libraries/lib-dbconfig.inc.php", "\$phpAds_version_readable ="), + array("Smarty Framework", "/smarty/libs/Smarty.class.php", "var \$_version"), // still need to work on these array("CubeCart", "/index.php", "CubeCart v"), // may need one more line diff --git a/malware5.pl b/malware5.pl index 5128039..1d6524c 100644 --- a/malware5.pl +++ b/malware5.pl @@ -387,7 +387,9 @@ my @regexen = ( qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=.+?\\x66lat\\x65\(b\"\.chr\(97\)\.\"se64\"\.chr\(95\)\.\"\"\.chr\(100\)\..+?\"([0-9]{1,20})\"\);/is, qr/<\?php.+?Leaf\s+PHP\s+Mailer.+?leafmailer\.pw.+?print\s+\'<\/body>\'\;\s+\?>/is, qr/.+?pornstar.+?gay.+?www\..+?<\/h1><\/a>.+?<\/u>/is, - + qr/<\?php\s+error\_reporting\(.+?\@include\(\$\_FILES\[\'u\'\]\[\'tmp\_name\'\]\)\;.+?header\(\"HTTP\/1\.0\s+404.+?exit\(\)\;\s+\}\s+\?>/is, + qr/<\?php\s+\@assert\(\$\_POST\[\'([A-z0-9]{1,20})\'\]\)\;\?>/is, + ); diff --git a/malwaresh.pl b/malwaresh.pl index cc1ba6b..514e6b9 100644 --- a/malwaresh.pl +++ b/malwaresh.pl @@ -870,7 +870,8 @@ my @regexen = ( qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=.+?\\x66lat\\x65\(b\"\.chr\(97\)\.\"se64\"\.chr\(95\)\.\"\"\.chr\(100\)\..+?\"([0-9]{1,20})\"\);/is, qr/<\?php.+?Leaf\s+PHP\s+Mailer.+?leafmailer\.pw.+?print\s+\'<\/body>\'\;\s+\?>/is, qr/.+?pornstar.+?gay.+?www\..+?<\/h1><\/a>.+?<\/u>/is, - + qr/<\?php\s+error\_reporting\(.+?\@include\(\$\_FILES\[\'u\'\]\[\'tmp\_name\'\]\)\;.+?header\(\"HTTP\/1\.0\s+404.+?exit\(\)\;\s+\}\s+\?>/is, + qr/<\?php\s+\@assert\(\$\_POST\[\'([A-z0-9]{1,20})\'\]\)\;\?>/is, );